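def post(self):
    """
    Register a new user and dispatch an email with a registration token.

    The payload is validated against ``user_schema``, the reCAPTCHA token is
    verified with Google's siteverify endpoint, duplicate usernames and
    e-mail addresses are rejected, and only then is the user stored and the
    registration email sent.

    Returns:
        A ``{'message': ...}`` dict on success, or an error dict paired with
        an HTTP status code on failure.
    """
    req = api.payload
    try:
        user_schema.load(req, unknown=INCLUDE)
    except ValidationError as err:
        # A rejected payload is a client error; without an explicit status
        # the validation failure would be answered with 200.
        return {'error': err.messages}, 400

    username = req.get('username', None)
    email = req.get('email', None)
    password = req.get('password', None)
    recaptcha_token = req.get('recaptchaToken', None)

    # NOTE(review): the 500 codes below report client-side conditions. They
    # are kept because existing clients may key off them; 4xx would be the
    # accurate class.
    if recaptcha_token is None:
        return {'message': 'Missing recaptcha token'}, 500

    # Verify recaptchaToken via Google's recaptcha API.
    payload = {
        'secret': os.getenv('CAPTCHA_SECRET'),
        'response': recaptcha_token
    }
    try:
        # The timeout keeps a stalled upstream from pinning a worker.
        r = requests.post(
            'https://www.google.com/recaptcha/api/siteverify',
            data=payload,
            timeout=10)
        # Fail closed: only an explicit success=True counts as verified. A
        # missing key, an error body or a non-JSON reply is a failure.
        verified = r.json().get('success') is True
    except (requests.RequestException, ValueError, AttributeError):
        verified = False
    if not verified:
        return {'message': 'Invalid recaptcha token'}, 500

    # NOTE(review): these two answers tell an unauthenticated caller which
    # usernames and e-mail addresses are registered. The check is also not
    # atomic with the insert, so uniqueness has to be enforced by the
    # database as well; confirm the model declares those constraints.
    username_exists = User.query.filter_by(
        username=username).scalar() is not None
    if username_exists:
        return {'message': 'Username already in use'}, 500

    email_exists = User.query.filter_by(email=email).scalar() is not None
    if email_exists:
        return {'message': 'E-mail already in use'}, 500

    # Hash only once the request is known to be acceptable.
    new_user = User(
        username=username,
        password=guard.hash_password(password),
        email=email,
    )

    try:
        db.session.add(new_user)
        db.session.commit()
        guard.send_registration_email(email, user=new_user)
    except Exception:
        # Leave the session usable for the next request.
        db.session.rollback()
        return {'message': 'Unable to register new account'}, 500

    response = {
        'message': 'Successfully sent verification email to user {}'.format(
            new_user.username)
    }
    return response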
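def register():
    """
    Create a user account from a JSON body with ``email`` and ``password``.

    Returns:
        A JSON message with status 201 on success, 400 when either field is
        missing, and 500 when the account cannot be stored.
    """
    req = flask.request.get_json(force=True)
    # force=True accepts any JSON value, so the body may not be an object.
    if not isinstance(req, dict):
        req = {}
    email = req.get('email', None)
    password = req.get('password', None)

    # Without this guard a missing password reaches guard.hash_password as
    # None and the request ends in an unhandled error.
    if not email or not password:
        return flask.jsonify(
            {'message': 'email and password are required'}), 400

    new_user = User(password=guard.hash_password(password),
                    email=email,
                    roles='user')
    db.session.add(new_user)
    try:
        db.session.commit()
    except Exception:
        # For example a duplicate e-mail, if the column is unique. Roll back
        # so the session is not left in a failed state.
        db.session.rollback()
        return flask.jsonify({'message': 'unable to register account'}), 500

    # NOTE(review): the registration email (guard.send_registration_email)
    # is disabled here, so accounts are created without the address being
    # verified.
    ret = {
        'message':
        'successfully register with email {}'.format(new_user.email)
    }
    return flask.jsonify(ret), 201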
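def register():
    """
    Register a user from a JSON body with ``handle``, ``password`` and
    ``skills``.

    ``skills`` is read as a sequence of up to three truthy/falsy flags; flag
    ``i`` adds a ``UserSkill`` row with ``sid = i + 1``.

    Returns:
        A JSON message with status 200 on success, or a JSON error with
        status 400 for missing fields or an already registered handle.
    """
    data = request.get_json()
    if not isinstance(data, dict):
        data = {}

    # .get() turns an absent field into the same 400 as an empty one instead
    # of an unhandled KeyError.
    handle = data.get("handle")
    password = data.get("password")
    if not handle or not password:
        return jsonify({"error": "InvalidError",
                        "message": "Fill all fields!",
                        "status_code": 400}), 400

    # Normalise the skills before anything is written: a short or missing
    # list used to raise after the user row had already been committed.
    skills = data.get("skills")
    if not isinstance(skills, (list, tuple)):
        skills = []

    # NOTE(review): check-then-insert is not atomic; presumably the handle
    # column is unique in the database. Confirm against the model.
    if User.query.filter_by(handle=handle).one_or_none():
        return jsonify({"error": "DuplicateError",
                        "message": "This handle already exists!",
                        "status_code": 400}), 400

    user = User(handle=handle, pwdhash=guard.hash_password(password))
    db.session.add(user)
    # Commit first so that user.id is populated for the skill rows.
    db.session.commit()

    for position, selected in enumerate(skills[:3]):
        if selected:
            db.session.add(UserSkill(uid=user.id, sid=position + 1))
    db.session.commit()

    return jsonify({"message": "Registration successful!"}), 200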
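def password_reset():
    """
    Change the current user's password using flask_praetorian.

    The JSON body carries ``old-password`` and ``new-password``. The old
    password is re-checked with ``guard.authenticate`` before the new hash
    is stored.

    Returns:
        ``"password updated"`` with 200 on success, 401 when the old
        password is wrong or equals the new one, 400 when a field is
        missing, 500 when the change cannot be stored.
    """
    req = request.get_json(force=True)
    user = flask_praetorian.current_user()

    if not isinstance(req, dict):
        req = {}
    old_password = req.get("old-password")
    new_password = req.get("new-password")
    if not old_password or not new_password:
        return jsonify({"Error": "old-password and new-password are required"}), 400

    if old_password == new_password:
        # The original returned {"Error", "..."}, which is a set literal and
        # cannot be serialised into a response; a dict is what was meant.
        return jsonify({"Error": "password is the same"}), 401

    try:
        guard.authenticate(user.email, old_password)
    except Exception:
        return jsonify({"Error": "password incorrect"}), 401

    # The database write is kept out of the authentication try-block so that
    # a storage failure is not reported as a wrong password.
    user.password = guard.hash_password(new_password)
    try:
        db.session.commit()
    except Exception:
        db.session.rollback()
        return jsonify({"Error": "unable to update password"}), 500

    # NOTE(review): tokens issued before the change are not revoked here.
    return jsonify("password updated"), 200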
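def post(self):
    """
    Register a user with ``email`` and ``password`` and return a JWT.

    Returns:
        ``{"access_token": ...}`` with 200 on success, 400 when a field is
        missing, ``{"message": "user exists"}`` with 401 when the account
        cannot be created.
    """
    req = request.get_json(force=True)
    if not isinstance(req, dict):
        req = {}
    email = req.get("email", None)
    password = req.get("password", None)

    # A missing field used to fail inside the try-block and come back as
    # "user exists", which is misleading.
    if not email or not password:
        return {"message": "email and password are required"}, 400

    try:
        user = User(
            email=email,
            password=guard.hash_password(password),
            roles="user"
        )
        db.session.add(user)
        db.session.commit()
        user = guard.authenticate(email, password)
    except Exception:
        # A bare "except:" also swallowed SystemExit and KeyboardInterrupt.
        # Roll back so the failed insert does not poison the session.
        # NOTE(review): every failure is still reported as "user exists";
        # catching the database integrity error specifically would separate
        # duplicates from other faults.
        db.session.rollback()
        ret = {"message": "user exists"}
        return ret, 401

    ret = {"access_token": guard.encode_jwt_token(user)}
    return ret, 200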
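def post(self):
    """
    Register a new user and dispatch an email with a registration token.

    The payload is validated against ``user_schema``, duplicate usernames
    and e-mail addresses are rejected, and then the user is stored and the
    registration email sent.

    Returns:
        A ``{'message': ...}`` dict on success, or an error dict paired with
        an HTTP status code on failure.
    """
    req = api.payload
    try:
        user_schema.load(req, unknown=INCLUDE)
    except ValidationError as err:
        # A rejected payload is a client error; without an explicit status
        # the validation failure would be answered with 200.
        return {'error': err.messages}, 400

    username = req.get('username', None)
    email = req.get('email', None)
    password = req.get('password', None)

    # NOTE(review): these two answers tell an unauthenticated caller which
    # usernames and e-mail addresses are registered, and nothing in this
    # handler limits automated sign-ups. The 500 codes are kept because
    # existing clients may key off them; 4xx would be the accurate class.
    username_exists = User.query.filter_by(
        username=username).scalar() is not None
    if username_exists:
        return {'message': 'Username already in use'}, 500

    email_exists = User.query.filter_by(email=email).scalar() is not None
    if email_exists:
        return {'message': 'E-mail already in use'}, 500

    # Hash only once the request is known to be acceptable.
    new_user = User(
        username=username,
        password=guard.hash_password(password),
        email=email,
    )

    try:
        db.session.add(new_user)
        db.session.commit()
        guard.send_registration_email(email, user=new_user)
    except Exception:
        # Leave the session usable for the next request.
        db.session.rollback()
        return {'message': 'Unable to register new account'}, 500

    response = {
        'message': 'Successfully sent verification email to user {}'.format(
            new_user.username)
    }
    return response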
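def sign_in():
    """
    Create a user from the POSTed JSON and answer with a JWT access token.

    Despite the name this is a sign-up: the body must carry ``name``,
    ``surname``, ``nick``, ``email`` and ``password``. The nick is stored
    with a leading "@" and is also used as the name of the user's directory
    under ``statics/user/``.

    Returns:
        ``{'access_token': ...}`` with 200 on success, 400 for missing or
        unsafe fields, 401 when the e-mail or nick is taken, 500 on any
        other failure.
    """
    import logging

    req = request.get_json(force=True)
    required = ("name", "surname", "nick", "email", "password")
    if not isinstance(req, dict) or any(
            not isinstance(req.get(field), str) or not req.get(field)
            for field in required):
        # Also covers the empty nick that used to raise on nick[0].
        return {"Error": "Missing or invalid fields"}, 400

    name = req["name"].capitalize()
    surname = req["surname"].capitalize()
    nick = req["nick"]
    email = req["email"]
    password = req["password"]
    if nick[0] != "@":
        nick = "@" + nick

    # The nick becomes a path component below, so it must not be able to
    # name anything outside statics/user/. The leading "@" already rules
    # out "." and ".."; separators and NUL are rejected here.
    if any(ch in nick for ch in ("/", "\\", "\x00")):
        return {"Error": "Invalid nick"}, 400

    try:
        email_free = db.session.query(User).filter_by(
            email=email).count() < 1
        nick_free = db.session.query(User).filter_by(nick=nick).count() < 1
        if email_free and nick_free:
            db.session.add(
                User(
                    email=email,
                    name=name,
                    surname=surname,
                    nick=nick,
                    password=guard.hash_password(password),
                    roles="user",
                )
            )
            db.session.commit()
            user = guard.authenticate(email, password)
            # Create user directory
            os.makedirs("statics/user/" + nick)
            ret = {'access_token': guard.encode_jwt_token(user)}
            return ret, 200
    except Exception:
        # Keep the detail in the server log; echoing str(e) to the client
        # exposed internal error text such as SQL and filesystem paths.
        db.session.rollback()
        logging.getLogger(__name__).exception("sign_in failed")
        return {"Error": "Unable to register user"}, 500
    return {'signing_error': 'Email or nick is currently in the system'}, 401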
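def patch(self):
    """
    Update the current user's password.

    Reads ``password`` from the request payload, hashes it with
    ``guard.hash_password`` and stores it on the user returned by
    ``flask_praetorian.current_user()``.

    Returns:
        ``{'message': ...}`` on success, or with 400 when no password was
        supplied and 500 when the change cannot be stored.
    """
    req = api.payload

    # Check User permission
    # NOTE(review): no authentication decorator is visible in this listing;
    # current_user() only works inside an authenticated request. Confirm
    # the route is protected.
    user = flask_praetorian.current_user()

    # Edit Password
    password = req.get('password') if isinstance(req, dict) else None
    if not isinstance(password, str) or not password:
        # Previously a missing value went straight into hash_password.
        return {'message': 'Password is required'}, 400

    # NOTE(review): the current password is not asked for, so a valid token
    # alone is enough to replace it. Requiring the old password would need
    # a new request field.
    user.password = guard.hash_password(password)

    try:
        db.session.commit()
    except Exception:
        db.session.rollback()
        return {'message': 'Unable to edit password'}, 500

    response = {'message': 'Password updated successfully'}
    return response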
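def seed_user(app):
    """
    Create the tables and, when the first seed account is absent, insert
    five seed users (one ``admin``, four ``user``) and their directories.

    The seed password is read from the ``SEED_USER_PASSWORD`` environment
    variable (introduced by this revision). When it is unset the original
    hard-coded value is used so existing development setups keep working.

    Args:
        app: the Flask application whose context is used for the database
            calls.
    """
    import os

    # NOTE(review): the fallback is a fixed password shared by all five
    # accounts, including the admin, and it is readable in the source. Any
    # deployment that runs this seeder should set SEED_USER_PASSWORD and
    # rotate the seeded passwords afterwards.
    seed_password = os.environ.get("SEED_USER_PASSWORD") or "pestillo01"

    # (id, name, surname, nick, roles) for each seeded account.
    seed_rows = [
        (1, "Infolojo", "Infolojo", "@infolojo", "admin"),
        (2, "Javier", "Ortega", "@javier", "user"),
        (3, "Javier", "Gonzalez", "@javier2", "user"),
        (4, "Marina", "Miriam", "@marina", "user"),
        (5, "alicia", "Lojo", "@alicia", "user"),
    ]

    with app.app_context():
        db.create_all()
        if db.session.query(User).filter_by(
                email="*****@*****.**").count() < 1:
            db.session.add_all([
                User(
                    id=user_id,
                    email="*****@*****.**",
                    name=name,
                    surname=surname,
                    nick=nick,
                    # Hashed per user so each row gets its own hash value.
                    password=guard.hash_password(seed_password),
                    roles=roles,
                )
                for user_id, name, surname, nick, roles in seed_rows
            ])
            db.session.commit()
            create_user_directory(nicks=[
                '@infolojo', "@javier", "@javier2", "@marina", "@alicia"
            ])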